3 min read

What is the FTC’s revised health breach notification rule? 

Farah Amod: Oct 15, 2024 4:55:05 PM

To address the issue of the protection of consumer health data, the Federal Trade Commission (FTC) has implemented changes to the health breach...

2 min read

Using dual roles for security and privacy officers in healthcare

Kirsten Peremore: Oct 15, 2024 4:52:55 PM

Organizations often combine the roles of Security and Privacy officers because the organization is too small to facilitate separate roles or to...

2 min read

Learning from recent email breaches

Tshedimoso Makhene: Oct 15, 2024 3:52:22 PM

In recent months, four HIPAA-covered entities—Southern Bone & Joint Specialists, Connally Memorial Medical Center, Rim Country Health and...

3 min read

Understanding HIPAA transactions and code set rules

Farah Amod: Oct 15, 2024 3:45:16 PM

Code sets and transactions are standardized codes used for data elements in healthcare. These codes can simplify the exchange of information and lead...

3 min read

CMS rules for HIPAA compliance when texting patient data

Farah Amod: Oct 15, 2024 12:44:46 PM

As healthcare professionals increasingly rely on mobile technology for patient care, HIPAA compliance has become a growing concern. The Centers for...

Is HIPAA compliance necessary when communicating with school counselors?

Kirsten Peremore: Oct 15, 2024 8:37:25 AM

3 min read

Opting out of receiving text messages about data breaches

Tshedimoso Makhene: Oct 15, 2024 3:31:06 AM

While some patients may prefer other communication methods, healthcare providers are often required by law to notify individuals of a data breach....

2 min read

Can healthcare organizations share patient information with a caller?

Kirsten Peremore: Oct 15, 2024 3:24:57 AM

Healthcare organizations can share a patient's information with a caller if the patient has agreed to it and the caller follows specific privacy...

2 min read

Russian APT29 hackers exploit vulnerabilities in global cyberattack

U.S. and U.K. cyber agencies have jointly issued a warning about the ongoing attacks by Russian-linked APT29 hackers, exploiting vulnerabilities in...

2 min read

HHS imposes $240,000 penalty on Providence Medical Institute

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $240,000 civil monetary penalty against Providence...

3 min read

Using email to notify patients of a data breach

Tshedimoso Makhene: Oct 14, 2024 2:50:56 PM

Email is an efficient way to notify patients about a data breach due to its speed, scalability, and accessibility. It allows healthcare organizations...

3 min read

What to do when patient emails contain too much PHI

Liyanda Tembani: Oct 13, 2024 6:08:54 AM

If emails from patients contain too much PHI, acknowledge the email securely using a HIPAA compliant system, avoid replying with additional sensitive...